certifi

PyPI3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting certifipage 1 of 1

CVE-2022-23491MEDIUMCVSS 6.8EG 6.8✓ Fixed in 2022.12.7
2022-12-07
vulnerable: 2017.11.5 ... 2022.9.24 (26 versions)
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These …
CVE-2023-37920HIGHCVSS 7.5EG 7.5✓ Fixed in 2023.7.22
2023-07-25
vulnerable: 2015.04.28 ... 2023.5.7 (43 versions)
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's ro…
CVE-2024-39689HIGHCVSS 7.5EG 7.5✓ Fixed in 2024.7.4
2024-07-05
vulnerable: 2021.10.8 ... 2024.6.2 (15 versions)
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.5.30 and prior to 2024.7.4 recognized root certificates from `G…

Check whether certifi is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for certifi CVEs against the assets you own.

Start Free Scan →